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II. RELATED APPEALS AND INTERFERENCES 

Appellants are unaware of any related appeals or interferences. 

III. STATUS OF CLAIMS 

Claims 1-1 1 and 13-22 are pending in this application, were finally rejected in the final 
Office Action mailed on October 6, 2005, and are the subject of this appeal. Claim 12 was 
canceled during prosecution. 

IV. STATUS OF AMENDMENTS 

No amendments were filed after the final Office Action. 

V. SUMMARY OF CLAIMED SUBJECT MATTER 

Claims 1 and 16-18 are independent. These independent claims recite similar features for 
modifying a subscription of a subscriber to one or more telecommunications services, except in 
the context of a method (Claim 1), a computer-readable medium (Claim 16), and an apparatus 
(Claims 17 and 18). Claim 5 is independent and recites a method for modifying subscriptions of 
a group of subscribers to one or more telecommunications services. Claim 9 is independent and 
recites of a method for automatically logging in a subscriber to all telecommunications services 
subscribed to by the subscriber. Claim 13 is independent and recites of a method for 
automatically subscribing a subscriber to a telecommunications service. Claims 19-22 are 
independent and comprise features for modifying a subscription of a subscriber to a 
telecommunications service, except in the context of a method (Claim 19), a computer-readable 
medium (Claim 20), and an apparatus (Claims 21 and 22). 
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The independent claims provide solutions to problems that arise in the management of 
network services for wireless personal digital assistants, cellular telephones, and other mobile 
computing devices. Typically, such network telecommunications services are provided by 
service providers, and may include, but are not limited to, videoconferencing, streaming video, 
personalized Internet, business-grade Internet, shopping, and gaming. (Specification, page 1, 
lines 4-11; page 1, line 24 to page 2, line 2.) 

In one approach, services for a particular subscriber of a service provider are selected 
using a Service Selection Dashboard software element that communicates with a Service 
Selection Gateway software element. Using the Service Selection Dashboard, a network 
administrator selects one or more services and one or more service configuration parameters for 
a particular user. When service selection is completed, the Service Selection Dashboard 
transmits an information profile describing the selected services to the Service Selection 
Gateway, which notifies all other network elements (e.g. routers and switches) that need to know 
about the subscriber and the selected services. (Specification, page 1, lines 11-18.) 

One problem with the above approach is that service selection is not dynamic. If a user 
subscribes to a new service, the service is not available unless the user logs out and then logs in 
again. Another problem with the above approach is that user management is cumbersome. 
Service enablement is carried out on a user-by-user basis and thus a particular service cannot be 
enabled for a group of users. Still another problem is that service subscription and other 
management functions are carried out with respect to individual users. Thus, subscribing a group 
of users to a default set of services based on a subscription level is not available. Yet another 
problem is that the lack of authorization controls allows any user to subscribe to any service. 
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Without an authorization model, however, differentiated services cannot be provided. 
(Specification, pages 2, lines 9-10; page 2, lines 13-15; page 2, line 3-8; page 2, lines 16-20.) 

To address the above problems, the independent claims provide for: modifying a 
subscription of a subscriber to one or more telecommunications services; modifying 
subscriptions of a group of subscribers to one or more telecommunications services; 
automatically logging in a subscriber to all telecommunications services subscribed to by the 
subscriber; and automatically subscribing a subscriber to a telecommunications service. 

Claim 1 recites a method for modifying a subscription of a subscriber to one or more 
telecommunication services based on subscriber information and service information that are 
stored in a directory repository. A determination is made whether the subscriber is currently 
logged in, and if the subscriber is not currently logged in, then the subscriber is directed to login 
through an authentication server. (At least Fig. 2A, Specification, page 14, lines 5-16.) A 
privilege token, which is associated with the authenticated subscriber and includes subscriber 
privilege information, is generated by an authorization service that is separate from the 
authentication server. (At least Fig. 2 A, Specification, page 15, line 13 to page 16, line 3; Fig. 1.) 
A modification request to modify the subscription of the subscriber to the one or more 
telecommunication services is received. (At least Fig. 4A, Fig. 5 A, and Specification, page 24, 
lines 15-21 .) Based on the subscriber privilege information in the privilege token associated 
with the subscriber and generated by the authorization service, a determination is made whether 
the subscriber has sufficient privileges to carry out the requested modification. (At least Fig. 4A, 
Fig. 5B, and Specification page 22, lines 15-19.) If the subscriber is determined to have 
sufficient privileges, then first subscriber information and first service information representing 
only such services for which the subscriber is currently subscribed is retrieved from the directory 
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repository. (At least Fig. 2 A, Fig. 4A, and Specification, page 17, lines 7-10; page 20, lines 11- 
18; page 23, lines 9-21.) The first subscriber information and the first service information are 
modified to reflect the requested modification, and the modified information is sent back to the 
directory repository resulting in creating and storing second service information in the directory 
repository that reflects the modification. (At least Fig. 2A, Fig. 5B, and Specification, page 25, 
lines 14-22.) An engagement request is generated to engage the telecommunication service for 
the subscriber in order to fulfill the modification request. (At least Fig. 2B, Fig. 5B, and 
Specification, page 18, lines 7-15.) 

Claim 5 recites a method of modifying subscriptions of a group of subscribers to one or 
more telecommunications services based on subscriber information and service information that 
are stored in a directory repository. A request from an administrator of the group to modify the 
subscriptions of the subscribers to the one or more telecommunications services is received. (At 
least Specification, page 8, lines 5-9 and 22-24; page 28, line 21 to page 29, line 2.) Based on 
the subscriber privilege information in a privilege token associated with the administrator and 
generated by the authorization service, a determination is made whether the subscriber has 
sufficient privileges to carry out the requested modification. (At least Fig. 4A, Fig. 5B, and 
Specification, page 22, lines 15-19.) If the administrator is determined to have sufficient 
privileges, then current subscriber information and current service information representing the 
then-current services to which the group of subscribers is currently subscribed is retrieved from 
the directory repository. (At least Fig. 2 A, Fig. 4A, and Specification, page 17, lines 7-10; page 
20, lines 11-18; page 23, lines 9-21.) The current subscriber information and the current service 
information are modified to reflect the modification requested by the administrator, and the 
modified information is sent to the directory repository resulting in creating and storing updated 
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service information in the directory repository that reflects the modification. (At least Fig. 2A, 
Fig. 5B, and Specification, page 25, lines 14-22.) One or more requests are generated to 
subscribe the telecommunication service to the group of subscribers in order to fulfill the 
modification request of the administrator. (At least Fig. 2B, and Specification, page 18, line 25 to 
page 9, line 2.) 

Claim 9 recites a method of automatically logging in a subscriber to all 
telecommunications services subscribed to by the subscriber based on subscriber information and 
service information that are stored in a directory repository. A request from the subscriber to log 
in to the telecommunications services is received. (At least Fig. 2B, and Specification, page 17, 
lines 11-18.) The subscriber is authenticated by an authentication server. (At least Fig. 2 A, and 
Specification, page 14, lines 21-24.) A privilege token, which is associated with the subscriber 
and includes subscriber privilege information, is generated by an authorization service that is 
separate from the authentication server. (At least Fig. 2 A, and Specification, page 15, line 13 to 
page 16, line 3; Fig. 1.) A determination whether the subscriber is allowed to automatically log 
into the telecommunication services is made based on the subscriber privilege information in the 
generated privilege token. (At least Fig. 2B, and Specification, page 16, lines 4-18.) If the 
subscriber is allowed to automatically log into the telecommunication services, a list of all 
services for which the subscriber is then currently subscribed is received from the directory 
repository, and the subscriber is logged into all services identified in the list. (At least Fig. 2B, 
and Specification, page 17, lines 11-14; page 18, lines 16-17.) 

Claim 13 recites a method of automatically subscribing a subscriber to a 
telecommunications service based on subscriber information and service information that are 
stored in a directory repository. A request from the subscriber to obtain a list of available 
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telecommunications services is received. (At least Fig. 5 A, and Specification, page 24, lines 18- 
21 .) A list of only those telecommunication services for which the subscriber has a privilege to 
subscribe to is generated based on privilege information and service information that are stored 
in the directory repository and are associated with the subscriber, where the privilege information 
specifies what telecommunication services the subscriber has privileges to subscribe to. (At least 
Fig. 5A, and Specification, page 24, line 22 to page 25, line 10.) A subscriber selection of one of 
the telecommunication services from the generated list is received. (At least Fig. 5B, and 
Specification, page 25, lines 1 1-22.) Verification is made that the subscriber has privileges that 
permit the subscriber to subscribe to the selected telecommunications service. (At least Fig. 5B, 
and Specification, page 25, lines 23-26.) Updated subscription information is then created and 
stored in the directory repository. (At least Fig. 5B, and Specification, page 25, line 26 to page 
26, line 2.) A request to subscribe the subscriber to the selected telecommunication service is 
generated based on the updated subscription information. (At least Fig. 5B ; and Specification, 
page 25, lines 18-22; page 26, lines 3-6.) 

Claim 19 recites a method for modifying a subscription of a subscriber to a 
telecommunication service based on information stored in a directory repository. A request to 
identify one or more services to which a subscriber is subscribed is received, where the request is 
based on a prior request to modify the subscription of the subscriber to the telecommunication 
service. (At least Specification, page 3, lines 1-13, page 19, lines 23-24.) A list of the one or 
more services to which the subscriber is currently subscribed is generated based on group 
membership of the subscriber, one or more roles occupied by the subscriber, and authorization 
information associated with the subscriber that is stored in the directory repository, where the 
one or more roles are mapped to privileges that specify telecommunication services a subscriber 
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having that role can subscribe to. (At least Specification, page 3, lines 1-13, page 8, lines 10-17; 
page 8, line 25 to page 9, line 8; page 16, lines 5-8.) Individual service information for each of 
the one or more services in the list is generated based on subscriber information and service 
information that is stored in the directory repository for use in automatically subscribing the 
subscriber to a service that is represented by the individual service information. (At least Fig. 
5A-5B, and Specification, page 3, lines 14-19; page 25, lines 14-22.) 

Claim 17 is a means-plus-function claim. In one embodiment, the means for determining 
whether the subscriber is currently logged in, the means for directing the subscriber to log in 
through an authentication server, the means for receiving a modification request, and the means 
for determining whether the subscriber has privileges sufficient to carry the requested 
modification all correspond to the Service Selection Dashboard 110 and its functions as 
illustrated in Fig. 1 and described in the Specification at pages 9-11 and 14-19. In this 
embodiment, the means for sending and receiving information from the directory repository, the 
means for modifying the information received from the directory repository, and the means for 
generating engagement requests all correspond to the Directory-Enabled Service Selection 
System 112 and its functions as illustrated in Fig. 1 and described in the Specification at pages 
11-13, 17-19, and 19-21. The means for generating a privilege token correspond to 
Authorization Service 114 and its functions as illustrated in Fig. 1 and described in the 
Specification at pages 10-11, 15-16, and 19-20. 

Claim 21 is a means-plus-function claim. In one embodiment, the means for receiving a 
request to identify one or more services to which a subscriber is currently subscribed and the 
means for generating a list of the one or more services to which the subscriber is currently 
subscribed all correspond to the Service Selection Dashboard 110 and its functions as illustrated 
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in Fig. 1 and described in the Specification at pages 9-1 1 and 14-19. In this embodiment, the 
means for generating individual service information for each of the one or more services in the 
list corresponds to the Directory-Enabled Service Selection System 1 12 and its functions as 
illustrated in Fig. 1 and described in the Specification at pages 11-13, 17-19, and 19-21. 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

1 . Claims 1-4, 9-11, and 13-18 stand rejected as allegedly unpatentable under 35 
U.S.C. § 103(a) over An et al., U.S. Patent No. 6,03 1,904 (hereinafter "AN") in view of Lloyd et 
al, U.S. Patent No. 6,219,790 (hereinafter "LLOYD"), and further in view of Kodosky et al., 
U.S. Patent No. 6,173,438 (hereinafter "KODOSKY"). 

2. Claims 5-8 and 19-22 stand rejected as allegedly unpatentable under 35 U.S.C. § 
103(a) over AN in view of LLOYD, further in view of KODOSKY, and further in view of 
Sladek et al., U.S. Patent No. 6,622,016 (hereinafter "SLADEK"). 

VII. ARGUMENT 

A. Introduction 

To establish prima facie case of obviousness under 35 U.S.C. § 103(a), all the claim 
limitations must be taught or suggested by the references cited and relied upon. In re Royka, 490 
F.2d 981, 180 USPQ 580 (CCPA 1974). In addition, a sufficient factual basis to support the 
obviousness rejection must be proffered. In re Freed, 165 USPQ 570 (CCPA 1970); In re Warner, 
154 USPQ 173 (CCPA 1967); In reLunsford, 148 USPQ 721 (CCPA 1966). Further, there must 
be some suggestion or motivation to modify the references or to combine the references' 
teachings to make the claimed combination; the suggestion or motivation to make the claimed 
combination must be found in the prior art, not in the applicant's disclosure. In re Vaeck, 947 
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F.2d 488, 20 USPQ2d 1438 (Fed. Cir. 1991). Finally, if an independent claim is nonobvious 
under 35 U.S.C. 103, then any claim depending therefrom is nonobvious. In re Fine, 837 F.2d 
1071, 5 USPQ2d 1596 (Fed. Cir. 1988). 

The final Office Action in the present application fails to satisfy these criteria for the 
rejections of the pending claims, including independent Claims 1, 5, 9, 13, 16-18, and 19-22. 
Specifically, Claims 1-4, 9-1 1, and 13-18 include one or more features that are not taught or 
suggested by AN, LLOYD, and KODOSKY. Further, Claims 5-8 and 19-22 include one or 
more features that are not taught or suggested by AN, LLOYD, KODOSKY, and SLADEK. In 
addition, the art provides no suggestion or motivation to combine AN and KODOSKY. For 
these reasons, the rejection of Claims 1-11 and 13-22 under 35 U.S.C. § 103(a) are clearly 
erroneous, and should be reversed. 

B. Independent Claim 1 is patentable over AN in view of LLOYD and further in 

view of KODOSKY because these references do not teach or suggest all 

features of the claim 

Claim 1 is patentable under 35 U.S.C. § 103(a) over AN in view of LLOYD, and further 
in view of KODOSKY because Claim 1 includes one or more features that are not taught or 
suggested by AN, LLOYD and KODOSKY. 
Claim 1 comprises the features of: 

determining whether the subscriber is currently logged in, and if the subscriber is 
not currently logged in, directing the subscriber to log in through an 
authentication server and generating, by an authorization service, a 
privilege token associated with the authenticated subscriber that 
includes subscriber privilege information, wherein said authorization 
service is separate from said authentication server; 

receiving a modification request to modify the subscription of the subscriber to 
the one or more telecommunication services; 

determining, based on subscriber privilege information in the privilege token 
associated with the subscriber generated by the authorization service, 
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whether the subscriber has privileges sufficient to carry out the 
requested modification; 

if the subscriber is determined to have sufficient privileges, then performing the 
steps of: 

receiving, from the directory repository, first subscriber information and 
first service information representing only such services for which the 
subscriber is then currently subscribed; 

modifying the first subscriber information and first service information to reflect 
the modification; 

sending the modified information to the directory repository, resulting in 
creating and storing, in the directory repository, second service 
information that reflects the modification; 

generating an engagement request to engage the telecommunication service for 
the subscriber in order to fulfill the modification request. 

AN, LLOYD, and KODOSKY, when taken alone or in combination, do not teach or suggest the 

above features of Claim 1 . 

The final Office Action does not provide any specific citations to AN, LLOYD, and 
KODOSKY, and does not specifically identify what exactly in these references is equivalent to 
each of the features of Claim 1 . Instead, the final Office Action makes the extremely broad and 
very general assertions that: (1) AN describes means and method for modifying a subscriber's 
features profile; (2) tokens are very old and well known in the art as merely one means of 
effecting validation, and that KODOSKY teaches a system and method of using tokens; and (3) 
LLOYD teaches authentication, authorization, and accounting server. In support of these 
assertions, the final Office Action provides the following citations: (1) from AN - Fig. 2, col. 4, 
line 17 to col. 5, line 34, and col. 5, line 49 to col. 9 line 30; (2) from KODOSKY - Fig. 16 and 
col. 20, lines 10-39; and (3) from LLOYD - Abstract, Fig. 2, col. 1, line 10 to col. 4, line 29. By 
making such non-specific citations to large portions from these references, especially from AN 
and LLOYD, the final Office Action apparently disregards and fails to consider many features 
that are expressly recited in Claim 1. Further, the extremely broad and vague citations to AN 
and LLOYD do not provide the Appellants with adequate notice or reasonable particularity with 
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respect to the basis of the rejection of Claim 1. As a result, the Appellants have had to engage in 

guesswork to determine the basis of the rejection. The Appellants cannot see any structure or 

functions in the cited references that correspond to all features recited in Claim 1. 

a. A privilege token associated with an authenticated subscriber and 

including subscriber privilege information, which is used to determine 
whether the subscriber has privileges sufficient to carry out a 
requested subscription modification 

Claim 1 comprises the features of a privilege token that is associated with the 
authenticated subscriber and that includes subscriber privilege information, and determining, 
based on the subscriber privilege information in the privilege token, whether the subscriber has 
sufficient privileges to carry out a requested modification to a subscription of the subscriber. In 
contrast, AN, LLOYD and KODOSKY do not teach or suggest any such feature. 

The Office asserts that KODOSKY describes a privilege token that is equivalent to the 
privilege token featured in Claim 1. Specifically, the final Office Action asserts that in Fig. 16, 
and in col. 20, lines 10-39, KODOSKY describes such a privilege token. This assertion is 
incorrect. 

KODOSKY teaches that a token can be used to arbitrate who has read/write privilege to 
different fields of a particular shared memory block. (Col. 20, lines 10-13.) Thus, the token in 
KODOSKY is a generic token used to determine which entity currently has read/write privileges 
to a shared memory block associated with the token. As shown in Fig. 16 and described in col. 
20, lines 31-32 of KODOSKY, only token owners can read and write data in the fields of the 
shared memory block at any given time; non-token owners have to wait until they receive the 
token associated with the shared memory block (col. 20, lines 45-46). In this way, KODOSKY 
ensures that token owners will make sure that the data in the shared memory block is in a 
consistent state before passing the token, and that there will be no case where two sides have 
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write privileges to same field of the shared memory block at any given time. (Col. 20, lines 34- 
39.) 

In contrast, the privilege token featured in Claim 1 is associated with an authenticated 
subscriber and includes subscriber privilege information, which is used to determine whether the 
authenticated subscriber has sufficient privileges to carry out a requested subscription 
modification. Since KODOSKY does not describe or suggest anything even remotely related to 
a subscriber, the read/write token in KODOSKY does not and cannot possibly include any 
information that is associated with an authenticated subscriber or with subscriber privilege 
information as featured in Claim 1 . 

The Office attempts to "patch-up" these deficiencies of the teaching of KODOSKY by 

making factually unsubstantiated assertions regarding the nature and the general use of tokens. 

Specifically, in pages 3-4, the final Office Action asserts that 

Even in networking, as a term of art, a token is merely a set of bits that if the 
network recognizes, allows the data tagged with that token access to 

transmit/travel over the network It would have been obvious for one of 

ordinary skill in the art to use a privilege token method of validation inasmuch as 
again, it is merely one of a plurality of well known methods of validation. 

The above general assertion has nothing to do with the specific use of a privilege token that is 
featured in Claim 1 . The assertion only attempts to disguise the fact that the Office has failed to 
establish a prior disclosure of a feature expressly recited in the claim. 

Further, the Office asserts that Goldsmith, U.S. Patent No. 6,064,990 (hereinafter 
"GOLDSMITH") teaches that it is old and well known to use authentication tokens for 
preventing unauthorized access, that Sawyer et al., U.S. Patent No. 6,324,271 (hereinafter 
"SAWYER") teaches a system and method of call identification authentication, and that Somers 
et al., U.S. Patent Publication No. 2002/01 16396 (hereinafter "SOMERS") teaches using access 
authorization token data having different levels of access stored on the token. Neither of 
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GOLDSMITH, SAWYER, or SOMERS, however, teaches or suggests the feature of Claim 1 of 
a privilege token that is associated with an authenticated subscriber and includes subscriber 
privilege information, which is used to determine whether the authenticated subscriber has 
sufficient privileges to carry out a requested subscription modification. 

For example, GODLSMITH describes the use of an encrypted token to conduct financial 
transaction for accounts to which the token permits access (GOLDSMITH, col. 1, lines 14-19), 
but this use is different than determining, based on subscriber privilege information included in a 
privilege token, whether a subscriber has privileges sufficient to carry out a subscription 
modification, as featured in Claim 1. SAWYER describes using a token to authenticate a 
caller's identity in a telephone system, where the token is a smart card or other integrated circuit 
device. (SAWYER, Abstract, col. 2, lines 8-24.) Thus, while Claim 1 features an intangible 
privilege token that is associated with an authenticated subscriber, SAWYER at most teaches use 
of a physical device as a token to authenticate a caller's identity. Finally. SOMERS describes a 
system for exchanging personal contact information by providing tokens that identify sets of 
contact information, which can be retrieved by presenting the token. (SOMERS, paragraphs 
[0020]-[0021].) Thus, in SOMERS the tokens identify sets of information and are used to 
retrieve such sets of information, while in Claim 1 subscriber privilege information included in a 
token used to determine whether a subscriber has sufficient privileges to modify the subscriber's 
subscription to services. 

For the above reasons, AN, LLOYD, and KODOSKY do not teach, describe, or suggest 
the features of Claim 1 of a privilege token that is associated with the authenticated subscriber 
and that includes subscriber privilege information, and determining, based on the subscriber 
privilege information in the privilege token, whether the subscriber has sufficient privileges to 
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carry out a requested modification to a subscription of the subscriber. 

b. Generating a privilege token by an authorization service that is 
separate from an authentication sever 

In Claim 1, an authorization service that is separate from the authentication server 
generates a privilege token, which includes subscriber privilege information for an authenticated 
user. In contrast, AN, LLOYD, and KODOSKY do not include anything that is equivalent to this 
feature of Claim 1 . 

The Office asserts that this feature of Claim 1 is disclosed by LLOYD. Specifically, the 
final Office Action asserts that LLOYD describes this feature in its Abstract, in Fig. 2, and in col. 
1, line 10 to col. 4, line 29. There is nothing in LLOYD that is equivalent to an authorization 
service that is separate from an authentication server. 

In Fig. 2, LLOYD describes an Authentication, Authorization, and Accounting (AAA) 
server. The AAA server in Fig. 2, however, clearly shows authentication and authorization (AA) 
module 232, that performs both authentication and authorization functions. (See also LLOYD, 
Abstract, and col. 7, lines 24-33.) Further, the passages from LLOYD cited in the final Office 
Action do not teach, describe, or suggest that any component, which is separate from the AAA 
server, is capable of performing authorization functions. Finally, LLOYD does not even mention 
the term "token", let alone teach of suggest that the AA module 232 is capable of generating a 
privilege token such as the privilege token featured in Claim 1 . 

The Office asserts that LLOYD, by virtue of describing an AAA server, inherently 

suggests an authorization service that is separate from the AAA server. Specifically, in page 5, 

the final Office Action states: 

Although server 1 18 is a single server, Fig. 1 shows that even at least on an 
object-level, authentication and authorization are separate elements or acts and 
therefore, it still would have been obvious for one of ordinary skill in the art at the 
time the invention was made to have used two separate servers. Motivations for 
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doing so are because they can be considered to be two separate actions that 
deserve their own separate servers. However, because as operations, they are so 
intertwined, for the sake of saving resources or streamlining operations, they can 
be implemented in a single server as shown. Either is ample motivation for using 
either method - separate or together. 

In the above passage, the Office admits that LLOYD does not describe an authorization service 

that is separate from an authentication server. Further, while the Office attempts to assert that 

LLOYD suggests that an authorization service can be separate from an authentication server, the 

Office offers only a factually unsubstantiated statement and does not cite any passages from 

LLOYD that support such an assertion. Because in LLOYD the only description of an 

authorization service is in the context of an AA module in an integrated AAA server, LLOYD 

would not have suggested to one of ordinary skill an authorization service that is separate from 

an authentication server as featured in Claim 1. Only hindsight review of Appellants' disclosure 

motivates such separation. 

For the above reasons, AN, LLOYD, and KODOSKY do not teach, describe, or suggest 

the feature of Claim 1 generating a privilege token by an authorization service that is separate 

from an authentication sever. 

c. A directory repository that stores subscriber information and service 
information 

Claim 1 also comprises: receiving, from a directory repository, first subscriber information 
and first service information representing only such services for which the subscriber is then 
currently subscribed; and sending the modified information to the directory repository, resulting 
in creating and storing, in the directory repository, second service information that reflects the 
modification. In contrast, AN, LLOYD, and KODOSKY, when taken alone or in combination, 
do not teach or suggest these features of Claim 1. 
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In rejecting Claim 1, the Office completely ignores the above features of Claim 1. 
Specifically, the final Office Action provides no citations to any passages in AN, LLOYD, or 
KODOSKY that describe storing subscriber information and service information in a directory 
repository. Instead, the final Office Action seems to assert that the profile repository shown in 
Figs. 1 and 2 of AN is equivalent to the directory repository of Claim 1 . This is incorrect. 

In col. 3, lines 25-32, AN states that 

Each service manager has access to a respective profile repository 18 which 
identifies which features are to be provided on each line 10. The profile 
repository 18 for a given service manager is a memory storage allocation which 
may be stored on the respective service manager node 16, on the machine (such as 
a switch forming part of the PSTN) which implements the features, or on some 
other intermediate machine. 

Thus, while AN suggests that a profile repository may store information that identifies what 
features are provided on a subscriber's telephone line, nothing in AN is equivalent to the features 
of Claim 1 of subscriber information and service information that are stored in a directory 
repository. 

Further, absolutely nothing in AN teaches or suggests that the profile repository is 
organized as a directory. On page 13, the final Office Action interprets the feature of Claim 1 of 
"directory repository" to mean "any storage means." Such an interpretation reads an express 
term out of the claim contrary to the applicable case law. It is well-settled that "[a] 11 words in a 
claim must be considered in judging the patentability of that claim against the prior art." In re 
Wilson, 424 F.2d 1382, 1385, 165 USPQ 494, 496 (CCPA 1970). 

For at least the above reasons, AN, LLOYD, and KODOSKY do not teach, describe, or 
suggest the features of Claim 1 of: receiving, from a directory repository, first subscriber 
information and first service information representing only such services for which the 
subscriber is then currently subscribed; and sending the modified information to the directory 
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repository, resulting in creating and storing, in the directory repository, second service 
information that reflects the modification. 

For all the foregoing reasons, the rejection of Claim 1 under 35 U.S.C. § 103(a) over AN 
in view of LLOYD, and further in view of KODOSKY is unsupported in the cited references. 
Reversal of the rejection is respectfully requested. 

C. Independent Claim 1 is patentable over AN in view of LLOYD and further in 
view of KODOSKY because there is no suggestion or motivation to combine 
AN and KODOSKY 

In rejecting Claim 1, the Office has not provided a suggestion or motivation to combine 

AN and KODOSKY in order to make the combination of features of Claim 1 . The fact that 

references can be combined is not sufficient to provide the suggestion or motivation required to 

establish obviousness under 35 U.S.C § 103(a). Further, modifying AN according to the 

teachings of KODOSKY would violate the principle of operation of AN. Finally, there is no 

motivation to combine AN and KODOSKY because they are not analogous art. 

a. The final Office Action has not provided a suggestion or motivation to 
combine AN and KODOSKY, and one skilled in the art would not be 
motivated to modify AN to include a token as taught by KODOSKY 

As stated by the Court of Appeals for the Federal Circuit, "[t]o imbue one of ordinary 
skill in the art with knowledge of the invention in suit, when no prior art reference or references 
of record convey or suggest that knowledge, is to fall victim to the insidious effect of hindsight 
syndrome where that which only the inventor taught is used against its teacher." W.L. Gore & 
Assocs v. Garlock, Inc., 721 F.2d 1540, 1553, 220 USPQ 303, 312-13 (Fed. Cir 1983). The 
Federal Circuit has recently re-iterated that "the tests of whether to combine references need to 
be applied rigorously." McGinley v. Franklin Sports, Inc., 262 F.3d 1339, 60 USPQ2d 1001, 
1008 (Fed. Cir. 2001). Broad, conclusory statements regarding the teaching of multiple 
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references, standing alone, are not "evidence," (McElmurrary v. Arkansas Power & Light Col, 
995 F.2d 1576, 1578, 27 USPQ2d 1129, 1131 (Fed. Cit. 1993)), and a general relationship 
between fields of the prior art references is insufficient to suggest the motivation to combine 
such references (see/n re Dembiczak, 175 F.3d 994, 50 USPQ2d 1614, 1617 (Fed. Cir. 1999)). 

Guided by the foregoing principles, the final Office Action, which states that "[i]t would 
have been obvious for one of ordinary skill in the art to use a privilege token method of 
validation inasmuch as ... it is merely one of a plurality of well known methods of validation", 
does not meet the standard for an obviousness rejection under 35 U.S.C. § 103(a). The goals in 
this statement are so general and vague that they cannot rationalize the specific invention that is 
claimed. It is "impermissible to use the claimed invention as an instruction manual or 'template' 
to piece together the teachings of the prior art so that the claimed invention is rendered obvious" 
and that "[o]ne cannot use hindsight reconstruction to pick and choose among isolated 
disclosures in the prior art to deprecate the claimed invention." In re Fritch, 972 F.2d 1260, 23 
USPQ2d 1780, 1784 (Fed. Cir. 1992); quoting In re Fine, 837 F.2d 1071, 1075, 5 USPQ2d 1596, 
1600 (Fed. Cir. 1988). 

AN describes a system and method for allowing a telephone subscriber to update, over 
the Internet, the features that are provided on the subscriber's telephone line. (AN, Abstract.) 
The subscriber is required to authenticate itself by providing a telephone number (or Directory 
Number (DN)) and a PIN or password. (AN, Fig. 4; col. 1, lines 34-38; col. 5, lines 12-17.) 
Upon verification of the telephone number and the password, a Web server provides access to a 
series of HTML pages containing information associated with the particular telephone line. (AN, 
col. 5, lines 17-21.) Thus, in AN once a subscriber is authenticated based on his or her telephone 
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number and password, the subscriber is allowed access to browse and modify the features 
provided on his or her telephone line. 

Since the purpose of the system in AN is to provide subscribers with access to their 
telephone line features over the Internet, and since AN already provides a simple and 
straightforward mechanism for authenticating the subscribers, there is absolutely no need to 
modify AN to provide any additional authentication of the subscriber. Furthermore, neither AN 
nor any of the other cited references provides any reason for modifying AN to include an 
authorization service, which is separate from the authentication server and is capable of 
generating privilege tokens, as featured in Claim 1. 

For the above reasons, one of ordinary skill in the art would not be motivated to modify 

AN to include mechanisms that use tokens as taught by KODOSKY. Further, in light of the 

above reasons, the final Office Action uses impermissible hindsight gained from the Appellants' 

disclosure to combine the cited references. 

b. The fact that references can be combined or modified is not sufficient 
to establish prima facie case of obviousness under 35 ILS.C. § 103(a) 

"The mere fact that references can be combined or modified does not render the resultant 
combination obvious unless the prior art also suggests the desirability of the combination." In re 
Mills, 916 F.2d 680, 16 USPQ2d 1430 (Fed. Cir. 1990). Although a prior art device "may be 
capable of being modified to run the way the apparatus is claimed, there must be a suggestion or 
motivation in the reference to do so." Id, 916 F.2d at 682, 16 USPQ2d at 1432. In addition, the 
fact that the claimed invention is within the capabilities of one of ordinary skill in the art is not 
sufficient by itself to establish prima facie obviousness. See Ex parte Levengood, 28 USPQ2d 
1300 (Bd. Pat. App. & Inter 1993). The level of skill in the art cannot be relied upon to provide 
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the suggestion to combine references. Al-site Corp. v. VSIInt'l Inc., 174 F.3d 1308, 50 USPQ2d 
1161 (Fed. Cir. 1999). 

The final Office Action does not state any specific motivation that is found in AN, or in 
the knowledge generally available to one of ordinary skill in the art, for AN to use a privilege 
token as featured in Claim 1. The final Office Action merely states that "a token method of 
validation ... is merely one of a plurality of well known methods of validation." Even if a 
privilege token were one of a plurality of well-known methods of validation, this would not be in 
itself a sufficient motive to use a privilege token in the system described in AN. In fact, this 
argument in the final Office Action is self-defeating because it begs the question: if indeed there 
were a "plurality of well-known methods of validation", why would one of skill in the art pick 
specifically the "privilege token" method, and not any other "well-known" method? 

As discussed above, AN teaches that an authentication server validates a user's right to 

access and update features provided on a specific telephone line through the use of a telephone 

number associated with the line and a PIN or a password of the user. (AN, col. 7, lines 50-54.) 

While there may exist various authentication methods that can be used to authenticate a user in 

AN, there is absolutely no motivation or suggestion that it is desirable to specifically use an 

authentication mechanism with a privilege token that includes subscriber privilege information 

associated with the subscriber, as featured in Claim 1. 

c. Modifying AN to use a privilege token generated by an authorization 
service would violate the principle of operation of AN 

If the proposed modification or combination of the prior art would change the principle of 
operation of the prior art invention being modified, then the teachings of the references are not 
sufficient to render the claims prima facie obvious. In re Ratti, 270 F.2d 810, 123 USPQ 349 
(CCPA 1959) 
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AN teaches that an authentication server validates a user's right to access and update 
features provided on a specific telephone line through the use of a telephone number associated 
with the line and a PIN or a password of the user. Thus, in AN a principle of operation is to use 
a single-step password-based authentication mechanism, which is sufficient for providing the 
users with access to modify the features provided on their telephone lines with no further 
authorization being necessary. 

In contrast, if the AN system is modified to include privilege tokens as means for 
authorizing users to access the features provided on their telephone lines, then the principle of 
operation in AN of using a single-step authentication mechanism would be violated. Users 
attempting to access the features on their telephone lines would need to be authenticated in a first 
step, and then, in a second step, an authorization token would be generated for an authenticated 
user. For this reason, modifying AN to implement tokens, such as the tokens described in 
KODOSKY, would violate a principle of operation of AN. 

d. AN and KODOSKY cannot be combined because they are not analogous art 

"In order to rely on a reference as a basis for rejection of an applicant's invention, the 
reference must either be in the field of applicant's endeavor or, if not, then be reasonably 
pertinent to the particular problem with which the inventor was concerned." In re Oetiker, 977 
F.2d 1443, 1446, 24 USPQ2d 1443, 1445 (Fed. Cir. 1992). 

The present application is concerned with managing wireless network service 
subscriptions. In contrast, KODOSKY deals with providing a flexible programming 
environment that allows users to design virtual instrumentation applications. The graphical 
programs created using the system of KODOSKY can be downloaded to an embedded system 
for execution in a real-time manner. KODOSKY also provides a method for automatically 
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generating an embedded application in response to a graphical program created by a user. 
(KODOSKY, col. 3, line 61 to col. 4, line 4.) Thus, the teachings of KODOSKY are not at all 
pertinent to the problem of managing wireless network service subscriptions. 

In a case in which a combination of two references were used in support of an 
obviousness rejection, the Federal Circuit has stated that "[t]he combination of elements from 
non-analogous art sources, in a manner that reconstructs the applicant's invention only with the 
benefit of hindsight, is insufficient to present a prima facie case of obviousness. There must be 
some reason, suggestion, or motivation found in the prior art whereby a person of ordinary skill 
in the field of the invention would make the combination." In re Oetiker, 977 F.2d 1443, 24 
USPQ2d 1443 (Fed. Cir. 1992). Therefore, In re Oetiker stands for the proposition that it is not 
proper to combine non-analogous prior art. With respect to the present application, one skilled 
in the art of managing wireless network service subscriptions does not have to turn to the 
teachings of KODOSKY for any reason, much less to find motivation or suggestion to combine 
the authentication mechanism described in AN with a token for managing read/write access to a 
shared memory block as described in KODOSKY. 

For all the foregoing reasons, Claim 1 is patentable under 35 U.S. C. § 103(a) over AN in 
view of LLOYD, and further in view of KODOSKY because there is no suggestion or 
motivation to combine the cited references. Reversal of the rejection is respectfully requested. 

D. Dependent Claim 2 is patentable over AN in view of LLOYD and further in 
view of KODOSKY 

Dependent Claim 2 has been rejected as allegedly unpatentable under 35 U.S.C. § 103(a) 
over AN in view of LLOYD and further in view of KODOSKY. 
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Claim 2 depends from independent Claim 1 and thus includes each and every feature of 
the independent claim. Therefore, Claim 2 is patentable under 35 U.S.C. § 103(a) over AN in 
view of LLOYD and further in view of KODOSKY for at least the reasons given above with 
respect to Claim 1. 

In addition, Claim 2 includes one or more features that independently render it 

patentable. For example, Claim 2 comprises the features of: 

wherein the authorization service generates the privilege token by the steps of: 
receiving a user name associated with the subscriber and mapping the 

user name to a distinguished name in the directory repository; 
creating and storing as subscriber privilege information in the 

privilege token one or more roles occupied by the subscriber 
based on role information that is stored in the directory 
repository, said stored role information including mapping 
information that maps a role to one or more privileges that 
specify which telecommunications services a subscriber having 
that role can subscribe to. 

AN, LLOYD, and KODOSKY, do not describe or suggest any of these features of Claim 2. 
Specifically, since neither of these references describes or suggests storing subscriber 
information in a directory repository, these references cannot possibly teach the above features of 
Claim 2. 

Furthermore, in rejecting Claim 2, the final Office Action admits that AN does not teach 
mapping a user name to a distinguished name in a directory repository. However, the final 
Office Action asserts in page 7 that "mapping names or other identifiers is also old and well 
known in the art and would be merely a design choice or preference for one of ordinary skill in 
the art at the time the invention was made." The final Office Action further asserts that the 
Directory Number (DN) mapper described in col. 7, lines 33-48 in AN is equivalent to the 
feature of mapping a user name to a distinguished name in a directory repository. These 
assertions are incorrect. 
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First, a factually unsubstantiated assertion by the Office that a feature in a claim is "old 
and well known in the art" is not the standard for rejecting a claim under 35 U.S.C. § 103(a). It 
is never appropriate to rely solely on alleged common knowledge in the art without documentary 
support in the record as the principal evidence upon which a rejection is based. See In re Zurko, 
258 F.3d 1379, 1386, 59 USPQ2d 1693, 1697 (Fed. Cir. 2001); In reAhlert, 424 F.2d 1088, 
1092, 165 USPQ 418, 422 (CCPA 1970). Second, the Directory Number mapper described in 
AN "maps Directory Numbers to specific service managers, and returns a service manager class 
to support selecting the appropriate service manager adaptor 138." (AN, col. 8, lines 1-4.) Thus, 
the Directory Number mapper in AN maps a telephone number to a service manager and is not 
equivalent to the feature of Claim 2 of mapping a user name associated with a subscriber to a 
distinguished name in a directory repository. 

Regarding the feature of Claim 2 of creating and storing as subscriber privilege 
information in the privilege token one or more roles occupied by the subscriber based on role 
information that is stored in the directory repository, the final Office Action asserts in page 7 that 
"a subscriber in An et al. may have more than one line, i.e. a landline, a wireless subscription, 
pager service, local and/or long distance service etc. read as the claimed roles." The final Office 
Action provides no citations from AN to support this assertion. The final Office Action seems to 
contend that a type of a telephone line or number to which a user can subscribe is a role. In 
contrast, Claim 2 recites that the one or more roles are roles which are occupied by a 
subscriber. 

For all the foregoing reasons, the rejection of Claim 2 under 35 U.S.C. §103(a) over AN 
in view of LLOYD, and further in view of KODOSKY is unsupported in the cited references. 
Reversal of the rejection is respectfully requested. 



50325-0508 (Seq. No. 3254) 



25 



PRASAD, Ser. No. 09/800,646, GAU 2642, Examiner H. Agdeppa 

APPEAL BRIEF 

E. Dependent Claims 3 and 4 are patentable over AN in view of LLOYD and 
further in view of KODOSKY 

Dependent Claims 3 and 4 have been rejected as allegedly unpatentable under 35 U.S.C. 
§ 103(a) over AN in view of LLOYD and further in view of KODOSKY. 

Each of Claims 3 and 4 depends from independent Claim 1 , and thus includes each and 
every feature of the independent claim. Therefore, Claims 3 and 4 are patentable under 35 
U.S.C. § 103(a) over AN in view of LLOYD and further in view of KODOSKY for at least the 
reasons given above with respect to Claim 1 . 

In addition, each of Claims 3 and 4 includes one or more additional features that 
independently render it patentable. For example, Claim 3 includes the feature of determining 
whether the subscriber is currently logged in by determining whether a host object that uniquely 
identifies the subscriber exists. Claim 4 includes the features of subscribing the subscriber to the 
service by creating and storing a relation of a subscriber object that pro grammatically represents 
the subscriber to a service object that programmatically represents the service, and creating and 
storing one or more attribute values in the relation, where the attribute values define the 
subscription. In contrast, absolutely nothing in AN, LLOYD, and KODOSKY is even remotely 
similar, let alone be equivalent to, these features of Claims 3 and 4. 

The final Office Action rejects Claims 3 and 4 by stating in page 8: 

As to claims 3 and 4, such limitations merely address the programming level 
aspect of the invention, i.e. object-oriented languages that would implement the 
profile and validation aspects of the present invention. While An et al. describes 
the validation on a much higher level, such would also be obvious if not inherent 
in An et al. inasmuch as most of the programming languages or protocols used in 
tele/data communications in recent years have been object-oriented and are 
necessary to effect the operation in computer-based systems. 

The above rejection is improper because it is not based on commonly known facts, features 
inherently present in AN, or any other competent evidence whatsoever. The Office provides no 
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citations to AN and proffers no other documentary support in the above rejection of Claims 3 and 
4. It is never appropriate to rely solely on common knowledge in the art without evidentiary 
support in the record as the principal evidence upon which a rejection was based. See In re 
Zurko, 258 R3d 1379, 1386, 59 USPQ2d 1693, 1697 (Fed. Cir. 2001); In reAhlert, 424 F.2d 
1088, 1092, 165 USPQ 418, 422 (CCPA 1970). Thus, for this reason alone the rejections of 
Claims 3 and 4 must be reversed. 

In addition, Claims 3 and 4 are not reciting programming features per se; Claims 3 and 4 
recite using programming features in a particular innovative way to implement specific actions in 
modifying a subscription of a subscriber to one or more telecommunication services based on 
subscriber information and service information that are stored in a directory repository. Nothing 
in AN, LLOYD, and KODOSKY teaches, describes, or suggests these features of Claims 3 and 
4. 

For the foregoing reasons, the rejections of Claims 3 and 4 under 35 U.S.C. § 103(a) over 
AN in view of LLOYD, and further in view of KODOSKY are unsupported in the cited 
references. Reversal of the rejections is respectfully requested. 

F. Independent Claims 16-18 are patentable over AN in view of LLOYD and 
further in view of KODOSKY 

Independent Claims 16-18 have been rejected as allegedly unpatentable under 35 U.S.C. 
§ 103(a) over AN in view of LLOYD and further in view of KODOSKY. 

Claims 16-18 include features similar to Claim 1 discussed above, except in the context 
of a computer-readable medium (Claim 16) and an apparatus (Claims 17-18). Thus, for the same 
reasons discussed above with respect to Claim 1, the rejections of Claims 16-18 are unsupported 
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by the cited references. Reversal of the rejections of Claims 16-18 under 35 U.S.C. § 103(a) is 
respectfully requested. 

G. Independent Claims 9 and 13 are patentable over AN in view of LLOYD and 
further in view of KODOSKY 

Independent Claims 9 and 13 have been rejected as allegedly unpatentable under 35 
U.S.C. § 103(a) over AN in view of LLOYD and further in view of KODOSKY. 

Claims 9 and 13 include features similar to Claim 1 discussed above. Thus, for at least 
the reasons discussed above with respect to Claim 1, the rejections of Claims 9 and 13 are not 
supported by the cited references, and therefore Claims 9 and 13 are patentable under 35 U.S.C. 
§ 103(a) over AN in view of LLOYD and further in view of KODOSKY. Reversal of the 
rejections of Claims 9 and 13 are respectfully requested. 

H. Dependent Claim 10 is patentable over AN in view of LLOYD and further in 
view of KODOSKY 

Dependent Claim 10 has been rejected as allegedly unpatentable under 35 U.S.C. § 
103(a) over AN in view of LLOYD and further in view of KODOSKY. 

Claim 10 depends from independent Claim 9 and thus includes each and every feature of 
the independent claim. Therefore, Claim 10 is patentable under 35 U.S.C. § 103(a) over AN in 
view of LLOYD and further in view of KODOSKY for at least the reasons given above with 
respect to Claim 9. Reversal of the rejection of Claim 10 is respectfully requested. 

L Dependent Claim 11 is patentable over AN in view of LLOYD and further in 
view of KODOSKY 

Dependent Claim 1 1 has been rejected as allegedly unpatentable under 35 U.S.C. § 
103(a) over AN in view of LLOYD and further in view of KODOSKY. 
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Claim 1 1 depends from independent Claim 9 and thus includes each and every feature of 
the independent claim. Therefore, Claim 1 1 is patentable under 35 U.S.C. § 103(a) over AN in 
view of LLOYD and further in view of KODOSKY for at least the reasons given above with 
respect to Claim 9. 

In addition, Claim 1 1 includes one or more features that independently render it 
patentable. For example, Claim 1 1 comprises the feature of storing the privilege token in a 
service selection gateway for use in subsequent authorization processes related to the subscriber. 
AN, LLOYD, and KODOSKY do not describe or suggest any such feature. 

The final Office Action asserts that the Subscriber Service Provisioning Manager (SSPM) 
server 122 depicted in Fig. 14 of AN is equivalent to the service selection gateway featured in 
Claim 1 1 . However, in AN neither the SSPM server nor any of its components stores any 
information that can be used for any subsequent authorization relating to a user that is already 
logged in. On the contrary, in col. 7, lines 53-54, AN expressly states that authentication server 
136 (which is part of SSPM server 122) performs user authentication on a per transaction basis, 
i.e. the authentication server in AN authenticates the user every time the user requests to modify 
a feature provided on the user's telephone line. In contrast, Claim 1 1 includes the feature of 
storing the privilege token in a service selection gateway for use in subsequent authorization 
processes related to the subscriber. 

For the foregoing reasons, the rejection of Claim 1 1 under 35 U.S.C. § 103(a) over AN in 
view of LLOYD, and further in view of KODOSKY is unsupported in the cited references. 
Reversal of the rejection is respectfully requested. 

J. Dependent Claims 14 and 15 are patentable over AN in view of LLOYD and 
further in view of KODOSKY 
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Dependent Claims 14 and 15 have been rejected under 35 U.S.C. § 103(a) as allegedly 
unpatentable over AN in view of LLOYD and further in view of KODOSKY. 

Each of Claims 14 and 15 depends from independent Claim 13, and thus includes each 
and every feature of the independent claim. Thus, for at least the reasons given above with 
respect to Claim 13, the rejections of Claims 14 and 15 under 35 U.S.C. § 103(a) are 
unsupported by the cited references. Reversal of the rejections of Claims 14 and 15 is 
respectfully requested. 

K. Independent Claims 5 and 19-22 are patentable over AN in view of LLOYD 
further in view of KODOSKY and further in view of SLADEK because these 
references to not describe or suggest all features of the claims 

Independent Claims 5 and 19-22 have been rejected as allegedly unpatentable under 35 
U.S.C. § 103(a) over AN in view of LLOYD further in view of KODOSKY and further in view 
of SLADEK. 

Claims 5 and 19-22 includes features similar to the features of Claim 1 discussed above. 
Furthermore, in rejecting Claims 5 and 19-22 the final Office Action relies explicitly on AN, 
LLOYD, and KODOSKY, and not on SLADEK, to support prior disclosure of the features 
discussed above with respect to Claim 1. Thus, any combination of SLADEK with the other 
three references necessarily fails to teach the subject matter of Claims 5 and 19-22. Therefore, 
the rejections of Claims 5 and 19-22 are unsupported by the cited references for at least the 
reasons discussed above with respect to Claim 1. Reversal of the rejections of Claims 5 and 19- 
22 is respectfully requested. 

L. Dependent Claims 6-8 are patentable over AN in view of LLOYD further in 
view of KODOSKY and further in view of SLADEK 

50325-0508 (Seq. No. 3254) 30 



PRASAD, Ser. No. 09/800,646, GAU 2642, Examiner H. Agdeppa 

APPEAL BRIEF 

Dependent Claims 6-8 have been rejected under 35 U.S.C. § 103(a) as allegedly . 
unpatentable over AN in view of LLOYD further in view of KODOSKY and further in view of 
SLADEK. 

Each of Claims 6-8 depends from independent Claim 5, and thus includes each and every 
feature of the independent claim. Thus, for at least the reasons given above with respect to 
Claim 5, the rejections of Claims 6-8 under 35 U.S.C. § 103(a) are unsupported by the cited 
references. Reversal of the rejections of Claims 6-8 is respectfully requested. 

VIII. CONCLUSION AND PRAYER FOR RELIEF 

Based on the foregoing, it is respectfully submitted that the rejections of Claims 1-11 and 
13-22 lack the requisite legal and factual basis. Appellants therefore respectfully request that the 
Honorable Board reverse the rejections of Claims 1-4, 9-11, and 13-18 under 35 U.S.C. § 103(a) 
over AN in view of LLOYD and further in view of KODOSKY, and the rejections of Claims 5-8 
and 19-22 under 35 U.S.C. § 103(a) over AN in view of LLOYD further in view of KODOSKY 
and further in view of SLADEK. 
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The fee of $500 under 37 C.F.R. § 41.20(b)(2) is enclosed. If the fee is missing or 
insufficient, the Director is hereby authorized to charge any applicable fee to our Deposit 
Account No. 50-1302. 



Dated: February 2, 2006 



2055 Gateway Place, Suite 550 
San Jose, California 951 10-1089 
Tel: (408) 414-1080 
Fax: (408) 414-1076 



Respectfully submitted, 



HICKMAN PALERMO TRUONG & BECKER LLP 




Christopher J. Palermo, Reg. No. 42,056 
Stoycho D. Draganoff, Reg. No. 56,181 
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CLAIMS APPENDIX 

1 1 . A method of modifying a subscription of a subscriber to one or more 

2 telecommunications services based on subscriber information and service information 

3 that are stored in a directory repository, the method comprising the computer- 

4 implemented steps of: 

5 determining whether the subscriber is currently logged in, and if the subscriber is not 

6 currently logged in, directing the subscriber to log in through an authentication 

7 server and generating, by an authorization service, a privilege token associated 

8 with the authenticated subscriber that includes subscriber privilege 

9 information, wherein said authorization service is separate from said 

10 authentication server; 

1 1 receiving a modification request to modify the subscription of the subscriber to the 

12 one or more telecommunication services; 

13 determining, based on subscriber privilege information in the privilege token 

14 associated with the subscriber generated by the authorization service, whether 

1 5 the subscriber has privileges sufficient to carry out the requested modification; 

16 if the subscriber is determined to have sufficient privileges, then performing the steps 

17 of: 

18 receiving, from the directory repository, first subscriber information and first 

19 service information representing only such services for which the 

20 subscriber is then currently subscribed; 

21 modifying the first subscriber information and first service information to 

22 reflect the modification; 
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23 sending the modified information to the directory repository, resulting in 

24 creating and storing, in the directory repository, second service 

25 information that reflects the modification; 

26 generating an engagement request to engage the telecommunications service 

27 for the subscriber in order to fulfill the modification request. 

12. A method as recited in Claim 1, wherein the authorization service generates the 

2 privilege token by the steps of: 

3 receiving a user name associated with the subscriber and mapping the user name to a 

4 distinguished name in the directory repository; 

5 creating and storing as subscriber privilege information in the privilege token one or 

6 more roles occupied by the subscriber based on role information that is stored 

7 in the directory repository, said stored role information including mapping 

8 information that maps a role to one or more privileges that specify which 

9 telecommunications services a subscriber having that role can subscribe to. 

1 3. A method as recited in Claim 1, wherein the step of determining whether the 

2 subscriber is currently logged in comprises determining whether a host object that 

3 uniquely identifies the subscriber exists, and wherein the privilege token associated 

4 with the subscriber is stored with the host object that uniquely identifies the 

5 subscriber. 
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14. A method as recited in Claim 1, wherein the step of generating an engagement request 

2 comprises the steps of subscribing the subscriber to the service by creating and storing 

3 a relation of a subscriber object that programmatically represents the subscriber to a 

4 service object that programmatically represents the service, and creating and storing 

5 one or more attribute values in the relation, wherein the attribute values define the 

6 subscription. 

1 5. A method of modifying subscriptions of a group of subscribers to one or more 

2 telecommunications services based on subscriber information and service information 

3 that are stored in a directory repository, the method comprising the computer- 

4 implemented steps of: 

5 receiving from an administrator of the group, a request to modify the subscriptions of 

6 the subscribers to the one or more telecommunications services; 

7 determining, based on subscriber privilege information in a privilege token that is 

8 associated with the administrator and is generated by an authorization service, 

9 whether the administrator has privileges sufficient to carry out the requested 

10 modification; 

11 if the administrator is determined to have sufficient privileges, then performing the 

12 steps of: 

13 receiving, from the directory repository, current subscriber information and 

14 current service information representing then-current services to which 

15 the subscribers are subscribed; 
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16 modifying the subscriber information and service information to reflect the 

17 modifications, resulting in creating and storing, in the directory 

1 8 repository, updated service information that reflects the modifications; 

19 generating one or more requests to subscribe the telecommunications service 

20 to the group of subscribers to fulfill the request of the administrator. 

16. A method as recited in Claim 5, wherein the group of subscribers is defined explicitly 

2 by creating and storing a named group that contains one or more subscribers as group 

3 members. 

1 7. A method as recited in Claim 5, wherein the group of subscribers is defined implicitly 

2 such that the group comprises one or more subscribers in an object tree of the 

3 directory repository who are subordinate in the tree to a container node of the tree. 

18. A method as recited in Claim 5, further comprising the steps of subscribing one of the 

2 subscribers in the group to the service by creating and storing a relation of a 

3 subscriber object that pro grammatically represents the subscriber to a service object 

4 that programmatically represents the service, and creating and storing one or more 

5 attribute values in the relation, wherein the attribute values define the subscription. 

19. A method of automatically logging in a subscriber to all telecommunications services 
2 subscribed to by the subscriber based on subscriber information and service 
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3 information that are stored in a directory repository, the method comprising the 

4 computer-implemented steps of: 

5 receiving a request from the subscriber to log in to the telecommunications services; 

6 authenticating the subscriber by an authentication server; 

7 generating a privilege token associated with the subscriber by an authorization 

8 service, said privilege token including subscriber privilege information, 

9 wherein said authorization service is separate from said authentication server; 

10 determining whether the subscriber is allowed to automatically log into the 

1 1 telecommunication services, said determination based on subscriber privilege 

12 information in the privilege token associated with the subscriber; 

13 if the subscriber is allowed to automatically log into the telecommunications services, 

14 receiving, from the directory repository, a list of all services for which the 

1 5 subscriber is then currently subscribed, and automatically logging the 

16 subscriber into all services identified in the list. 

1 10. A method as recited in Claim 9, wherein automatically logging the subscriber into all 

2 services identified in the list comprises the steps of: 

3 for each of the services identified in the list: 

4 obtaining service information that describes the services from the directory 

5 repository; 

6 creating and storing a relation between a service object in the directory 

7 repository that uniquely identifies and represents each of the services 
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8 and privileges of the subscriber, and a subscriber object that uniquely 

9 represents the subscriber. 

1 11. A method as recited in Claim 10, further comprising the steps of storing the privilege 

2 token in a service selection gateway for use in subsequent authorization processes 

3 relating to the subscriber. 

1 12. (Canceled) 

1 13. A method of automatically subscribing a subscriber to a telecommunications service 

2 based on subscriber information and service information that are stored in a directory 

3 repository, the method comprising the computer-implemented steps of: 

4 receiving a request from the subscriber to obtain a list of available 

5 telecommunications services; 

6 generating a list of only those telecommunications services for which the subscriber 

7 has a privilege to subscribe to, based on privilege information and service 

8 information that is stored in the directory repository and associated with the 

9 subscriber, said privilege information associated with the subscriber 

10 specifying what telecommunications services the subscriber has privileges to 

1 1 subscribe to; 

12 receiving a subscriber selection of one of the telecommunications services from the 

13 generated list of telecommunications services; 
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14 verifying that the subscriber has privileges that permit the subscriber to subscribe to 

15 the selected telecommunications service; 

16 creating and storing updated subscription information in the directory repository; 

17 generating a request to subscribe the subscriber to the selected telecommunications 

1 8 service based on the updated subscription information. 

1 14. A method as recited in Claim 13, wherein said privilege information associated with 

2 the subscriber is comprised of a privilege token for the subscriber that identifies a role 

3 of the subscriber, wherein the privileges of the subscriber to subscribe to a 

4 telecommunications service is determined by the role in the privilege token for the 

5 subscriber. 

1 15. A method as recited in Claim 1 3, wherein generating a list of only those 

2 telecommunications services for which the subscriber has a privilege to subscribe to 

3 includes the step of generating and providing to the subscriber a custom display page 

4 that identifies only those telecommunications services for which the subscriber has a 

5 privilege to subscribe. 

1 16. A computer-readable medium carrying one or more sequences of instructions for 

2 modifying a subscription of a subscriber to one or more telecommunications services 

3 based on subscriber information and service information that are stored in a directory 

4 repository, which instructions, when executed by one or more processors, cause the 

5 one or more processors to carry out the steps of: 
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6 determining whether the subscriber is currently logged in, and if the subscriber is not 

7 currently logged in, directing the subscriber to log in through an authentication 

8 server and generating, by an authorization service, a privilege token associated 

9 with the authenticated subscriber that includes subscriber privilege 

10 information, wherein said authorization service is separate from said 

1 1 authentication server; 

12 receiving a modification request to modify the subscription of the subscriber to the 

13 one or more telecommunications services; 

14 determining, based on subscriber privilege information in the privilege token 

1 5 associated with the subscriber generated by the authorization service, whether 

16 the subscriber has privileges sufficient to carry out the requested modification; 

17 if the subscriber is determined to have sufficient privileges, the one or more sequences 

1 8 of instructions which, when executed, further cause the one or more 

19 processors to carry out the steps of: 

20 receiving, from the directory repository, first subscriber information and first 

21 service information representing only such services for which the 

22 subscriber is then currently subscribed; 

23 modifying the first subscriber information and first service information to 

24 reflect the modification; 

25 sending the modified information to the directory repository, resulting in 

26 creating and storing, in the directory repository, second service 

27 information that reflects the modification; 
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28 generating an engagement request to engage the telecommunications service 

29 for the subscriber in order to fulfill the modification request. 

1 17. An apparatus for modifying a subscription of a subscriber to one or more 

2 telecommunications services based on subscriber information and service information 

3 that are stored in a directory repository, comprising: 

4 means for determining whether the subscriber is currently logged in, and if the 

5 subscriber is not currently logged in, means for directing the subscriber to log 

6 in through an authentication server and means for generating a privilege token 

7 associated with the authenticated subscriber by an authorization service, said 

8 privilege token including subscriber privilege information, wherein said 

9 authorization service is separate from said authentication server; 

10 means for receiving a modification request to modify the subscription of the 

1 1 subscriber to the one or more telecommunications services; 

12 means for determining, based on subscriber privilege information in the privilege 

13 token associated with the subscriber generated by the authorization service, 

14 whether the subscriber has privileges sufficient to carry out the requested 

15 modification; 

16 means for receiving, from the directory repository, first subscriber information and 

17 first service information representing only such services for which the 

18 subscriber is then currently subscribed; 

19 means for modifying the first subscriber information and first service information to 

20 reflect the modification; 
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21 means for sending the modified information to the directory repository, resulting in 

22 creating and storing, in the directory repository, second service information 

23 that reflects the modification; 

24 means for generating an engagement request to engage the telecommunications 

25 service for the subscriber in order to fulfill the modification request. 

1 18. An apparatus for modifying a subscription of a subscriber to one or more 

2 telecommunications services based on subscriber information and service information 

3 that are stored in a directory repository, comprising: 

4 a network interface that is coupled to a data network that includes the directory 

5 repository for receiving information therefrom; 

6 a processor; 

7 one or more stored sequences of instructions which, when executed by the processor, 

8 cause the processor to carry out the steps of: 

9 determining whether the subscriber is currently logged in, and if the subscriber 

10 is not currently logged in, directing the subscriber to log in through an 

1 1 authentication server and generating, by an authorization service, a 

12 privilege token associated with the authenticated subscriber that 

13 includes subscriber privilege information, wherein said authorization 

14 service is separate from said authentication server; 

1 5 receiving a modification request to modify the subscription of the subscriber 

16 to the one or more telecommunications services; 
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17 determining, based on subscriber privilege information in the privilege token 

18 associated with the subscriber that is generated by the authorization 

19 service, whether the subscriber has privileges sufficient to carry out the 

20 requested modification; 

21 if the subscriber is determined to have sufficient privileges, the one or more 

22 sequences of instructions which, when executed, further cause the 

23 processor to: 

24 receiving, from the directory repository, first subscriber information 

25 and first service information representing only such services 

26 for which the subscriber is then currently subscribed; 

27 modifying the first subscriber information and first service information 

28 to reflect the modification; 

29 sending the modified information to the directory repository, resulting 

30 in creating and storing, in the directory repository, second 

3 1 service information that reflects the modification; 

32 generating an engagement request to engage the telecommunications 

33 service for the subscriber in order to fulfill the modification 

34 request. 

1 19. A method of modifying a subscription of a subscriber to a telecommunications service 

2 based on information stored in a directory repository, the method comprising the 

3 computer-implemented steps of: 
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4 receiving a request to identify one or more services to which a subscriber is 

5 subscribed, based on a prior request to modify the subscription of the 

6 subscriber to the telecommunications service; 

7 generating a list of the one or more services to which the subscriber is currently 

8 subscribed, based on group membership of the subscriber, one or more roles 

9 occupied by the subscriber, and authorization information associated with the 

10 subscriber that is stored in the directory repository, wherein said one or more 

1 1 roles are mapped to one or more privileges that specify which 

12 telecommunications services a subscriber having that role can subscribe to; 

13 generating individual service information for each of the one or more services in the 

14 list, based on subscriber information and service information that is stored in 

15 the directory repository, for use in automatically subscribing the subscriber to 

16 a service that is represented by the individual service information. 

1 20. A computer-readable medium carrying one or more sequences of instructions for 

2 modifying a subscription of a subscriber to a telecommunications service based on 

3 subscriber information and service information that are stored in a directory 

4 repository, which instructions, when executed by one or more processors, cause the 

5 one or more processors to carry out the steps of: 

6 receiving a request to identify one or more services to which a subscriber is 

7 subscribed, based on a prior request to modify the subscription of the 

8 subscriber to the telecommunications service; 
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9 generating a list of the one or more services to which the subscriber is currently 

10 subscribed, based on group membership of the subscriber, one or more roles 

1 1 occupied by the subscriber, and authorization information associated with the 

12 subscriber that is stored in the directory repository, wherein said one or more 

13 roles are mapped to one or more privileges that specify which 

14 telecommunications services a subscriber having that role can subscribe to; 

15 generating individual service information for each of the one or more services in the 

16 list, based on subscriber information and service information that is stored in 

17 the directory repository, for use in automatically subscribing the subscriber to 

18 a service that is represented by the individual service information. 

1 21. An apparatus for modifying a subscription of a subscriber to a telecommunications 

2 service based on subscriber information and service information that are stored in a 

3 directory repository, comprising: 

4 means for receiving a request to identify one or more services to which a subscriber is 

5 subscribed, based on a prior request to modify the subscription of the 

6 subscriber to the telecommunications service; 

7 means for generating a list of the one or more services to which the subscriber is 

8 currently subscribed, based on group membership of the subscriber, one or 

9 more roles occupied by the subscriber, and authorization information 

10 associated with the subscriber that is stored in the directory repository, 

1 1 wherein said one or more roles are mapped to one or more privileges that 
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12 specify which telecommunications services a subscriber having that role can 

13 subscribe to; 

14 means for generating individual service information for each of the one or more 

15 services in the list, based on subscriber information and service information 

16 that is stored in the directory repository, for use in automatically subscribing 

17 the subscriber to a service that is represented by the individual service 

18 information. 

1 22. An apparatus for modifying a subscription of a subscriber to a telecommunications 

2 service based on subscriber information and service information that are stored in a 

3 directory repository, comprising: 

4 a directory-enabled service selection framework that is coupled to the directory 

5 repository for receiving stored information therefrom; 

6 a processor; 

7 one or more stored sequences of instructions in the framework which, when executed 

8 by the processor, cause the processor to carry out the steps of: 

9 receiving a request to identify one or more services to which a subscriber is 

10 subscribed, based on a prior request to modify the subscription of the 

1 1 subscriber to the telecommunications service; 

12 generating a list of the one or more services to which the subscriber is 

13 currently subscribed, based on group membership of the subscriber, 

14 one or more roles occupied by the subscriber, and authorization 

15 information associated with the subscriber that is stored in the 
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16 directory repository, wherein said one or more roles are mapped to one 

17 or more privileges that specify which telecommunications services a 

1 8 subscriber having that role can subscribe to; 

19 generating individual service information for each of the one or more services 

20 in the list, based on subscriber information and service information that 

21 is stored in the directory repository, for use in automatically 

22 subscribing the subscriber to a service that is represented by the 

23 individual service information. 
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